<?php

include_once ('../utilities.php')

?>
<!DOCTYPE html>
<html>
<head>
	<link rel="stylesheet" type="text/css" href="../reset.css">
	<link rel="stylesheet" type="text/css" href="../mainStyle.css">
	<link rel="stylesheet" type="text/css" href="../searchButton.css">
	<title>SHPE</title>
</head>
<body>

	<div id="container">
		<?php

// Turn on every PHP diagnostic level for this request (-1 sets all bits).
// NOTE(review): whether these diagnostics are shown to visitors depends on
// display_errors, which this file does not set. Confirm it is off in
// production so that SQL errors and file paths are logged, not rendered.
error_reporting(-1);

// Relative path back to the site root; presumably read by header.php (confirm).
$root = '../';

// Shared page header. The statement is terminated explicitly instead of
// relying on the closing tag to end it.
include_once '../header.php';

?>
        
		<div id="page-body">
			<?php

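// Registration handler and form.
//
// When all six fields are posted, the request is validated, the account is
// inserted into Users, and a matching phpBB forum user is created. Otherwise
// the registration form is rendered.
//
// Depends on names defined outside this block: $mysqli, checkEmail() and
// checkPassword() (presumably from ../utilities.php, confirm).
if (!empty($_POST['email']) && !empty($_POST['password']) && !empty($_POST['permission']) &&
    !empty($_POST['firstname']) && !empty($_POST['lastname']) && !empty($_POST['chapter']))
{
    // Require plain strings before calling the validators, so an array-valued
    // field (e.g. email[]=x) is rejected instead of reaching sha1() or the
    // database layer.
    $emailOk = is_string($_POST['email']) && checkEmail($_POST['email']);
    $passwordOk = is_string($_POST['password']) && checkPassword($_POST['password']);

    if ($emailOk && $passwordOk)
    {
        $email = $_POST['email'];
        $firstname = $_POST['firstname'];
        $lastname = $_POST['lastname'];

        // NOTE(review): unsalted SHA-1 is a fast hash and unsuitable for
        // password storage. It is kept only because the code that verifies
        // logins is not visible here and presumably compares against this
        // format. Migrate to password_hash()/password_verify() together with
        // the login page.
        $password = sha1($_POST['password']);

        // Strict integer validation. The range 1..6 matches the radio buttons
        // rendered by the form below; the stored PermissionID is value - 1.
        // NOTE(review): the role is chosen by the registrant, so anyone can
        // self-assign an elevated PermissionID (the form offers up to
        // Web-Admin). New accounts should get the lowest role and be promoted
        // by an existing administrator. Not changed here because the approval
        // workflow is not visible from this file.
        $permission = filter_var($_POST['permission'], FILTER_VALIDATE_INT,
            array('options' => array('min_range' => 1, 'max_range' => 6)));

        // Option values are ChapterId + 1, so the posted value must be >= 1.
        $chapter = filter_var($_POST['chapter'], FILTER_VALIDATE_INT,
            array('options' => array('min_range' => 1)));

        $fieldsValid = is_string($firstname) && is_string($lastname)
            && $permission !== false && $chapter !== false;

        // true/false once the lookup has run; null when the input was invalid
        // or the lookup itself failed.
        $emailTaken = null;
        $registerquery = false;

        if ($fieldsValid)
        {
            $permission = $permission - 1;
            $chapterid = $chapter - 1;

            // Bound parameters replace string-built SQL, so no posted value is
            // ever parsed as part of the statement.
            $lookup = $mysqli->prepare('SELECT 1 FROM Users WHERE Email = ?');
            if ($lookup)
            {
                $lookup->bind_param('s', $email);
                if ($lookup->execute())
                {
                    $lookup->store_result();
                    $emailTaken = ($lookup->num_rows != 0);
                }
                $lookup->close();
            }
        }

        if ($emailTaken === true)
        {
            echo "<p>Sorry, that email is already registered. Please <a href=\"./\">click here to try again</a>.</p>";
        } else
        {
            if ($emailTaken === false)
            {
                // Register account.
                // NOTE(review): check-then-insert is not atomic; a UNIQUE index
                // on Users.Email would make the duplicate check reliable.
                $insert = $mysqli->prepare(
                    "INSERT INTO Users (Email,FirstName,LastName,Password,PermissionID,ChapterID,PictureID) " .
                    "VALUES (?, ?, ?, ?, ?, ?, '-1')"
                );
                if ($insert)
                {
                    $insert->bind_param('ssssii', $email, $firstname, $lastname, $password, $permission, $chapterid);
                    $registerquery = $insert->execute();
                    $insert->close();
                }
            }

            if ($registerquery)
            {
                echo "<p>Your account was successfully created. Please <a href=\"../login/\">click here to login</a>.</p>";
                //Insert user to forum database
                if (!defined('IN_PHPBB'))
                {
                    define('IN_PHPBB', true);
                }
                // $phpbb_root_path and $phpEx keep their names: the included
                // phpBB files are expected to read them as globals.
                $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : '../forum/';
                $phpEx = substr(strrchr(__FILE__, '.'), 1);
                //Include forum functions
                include ($phpbb_root_path . 'common.' . $phpEx);
                include ($phpbb_root_path . 'includes/functions_display.' . $phpEx);
                require_once ('../forum/includes/functions_user.php');
                //Set user's data: the forum username is the part of the email before the last '@'
                $prefix = substr($_POST['email'], 0, strrpos($_POST['email'], '@'));
                $user_row = array(
                    'username' => $prefix,
                    'user_password' => phpbb_hash($_POST['password']),
                    'user_email' => $_POST['email'],
                    'group_id' => 2,
                    'user_type' => 0,
                    );
                //Insert the row
                // NOTE(review): the result is not checked, so a failed forum
                // insert (e.g. a username already in use) leaves a site
                // account without a forum account.
                $newid = user_add($user_row);
            } else
            {
                // Covers invalid permission/chapter/name input, a failed
                // lookup and a failed insert.
                echo "<p>Sorry, your registration failed. Please <a href=\"./\">click here to try again</a>.</p>";
            }
        }
    } elseif (!$emailOk)
    {
        echo "<p>Please input a valid email address to register. Please <a href=\"./\">click here to try again</a>.</p>";
    } else
    {
        echo "<p>Please input a valid password to register. Please <a href=\"./\">click here to try again</a>.</p>";
    }
} else
{
    // No complete submission: render the registration form.

?>
					
					<h1>Register</h1>
					
					<p>Please enter your details below to register.</p>
					<p>A password must be at least 8 characters in length and contain both letters and numbers.</p>
					
					<form method="post" action="./" name="registerform" id="registerform">
						<label for="email">Email:</label><input type="text" name="email" id="email" /><br />
						<label for="password">Password:</label><input type="password" name="password" id="password" /><br />
						<label for="firstname">First Name:</label><input type="text" name="firstname" id="firstname" /><br />
						<label for="lastname">Last Name:</label><input type="text" name="lastname" id="lastname" /><br />
						<input type="radio" name="permission" value="1" />Member<br />
						<input type="radio" name="permission" value="2" />President<br />
						<input type="radio" name="permission" value="3" />Vice-President<br />
						<input type="radio" name="permission" value="4" />Treasurer<br />
						<input type="radio" name="permission" value="5" />Secretary<br />
						<input type="radio" name="permission" value="6" />Web-Admin<br />
						<p> Chapter </p>
						<select name="chapter">
						<?php

    // Chapter list. Values are ChapterId + 1 so that ChapterId 0 still posts
    // a non-empty value.
    $query = "SELECT ChapterId, ChapterName FROM Chapters";
    $data = $mysqli->query($query);
    if ($data)
    {
        while ($arr = $data->fetch_array(MYSQLI_ASSOC))
        {
            // Chapter names come from the database (the page links to a
            // chapter registration form), so they are HTML-escaped and the
            // value attribute is quoted and forced to an integer.
            // Assumes the page is served as UTF-8 (confirm).

?>
									<option value="<?= (int) $arr['ChapterId'] + 1 ?>"> <?= htmlspecialchars((string) $arr['ChapterName'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?> </option>
									<?php

        }
    }

?>
						</select>
						<p> If you do not see your chapter, please register your chapter <a href="./chapterregistration/">here</a> first. </p>
						<br />
						<input type="submit" name="register" id="register" value="Register" />
					</form>
					
					<?php

}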

?>
		</div>
		
		<?php

// Shared page footer, terminated explicitly instead of by the closing tag.
include_once '../footer.php';

?>
	</div>

</body>
</html>